Anyone helping Atlanta-based credit bureau Equifax craft its most recent New Year's resolutions would have done well to help it focus on overhauling its information security practices, procedures and people. Indeed, the data breach that began last March at Equifax and which it discovered months later rates as one of the worst in history, with personal details for 145.5 million U.S. consumers - as well as others in Britain and Canada - having been stolen. Equifax continues to face investigations by Congress, the Justice Department, the U.S. Federal Trade Commission, regulators in Britain and Canada, as well as multiple consumer lawsuits seeking class action status (see Equifax Confirms 'Probable' Breached Data Was Indeed Stolen).

"... to help us regain trust with consumers and customers."

Good news: The firm on Monday announced that it has hired a steady CISO hand to help with its cybersecurity overhaul: Jamil Farshchi.

"We are pleased to welcome Jamil to our team and confident that he possesses the talent and skill set needed to continue our journey toward developing industry-leading security practices and, ultimately, to help us regain trust with consumers and customers," Paulino do Rego Barros Jr., Equifax's interim CEO, says in a statement. "Jamil has a reputation for helping enterprises rebuild and fortify information security programs."

Indeed, Farshchi has a track record for helping companies that not only need to sharpen their cybersecurity practices but prove to investors that they're doing so. He arrives from Home Depot, which he joined in 2015 just months after the retailer suffered a malware attack against point-of-sale systems in more than 2,100 U.S. and Canadian stores that led to 56 million credit and debit cards being stolen.

Data Breaches Cost

But bad data breaches are often a symptom of organizations with inadequate information security policies and procedures. Breaches can also be bad for reputations and have at least a short-term impact on the bottom line.

Big, bad data breaches are often bad for careers. Before Monday, Equifax's CISO position was vacant. In fact, after the data broker issued its first security alert about its massive data breach last September, its CIO, CSO as well as CEO quickly "retired."

Life After Home Depot

Jamil Farshchi. (Photo: LinkedIn)

Enter Farshchi. During his nearly two-year tenure at Home Depot, he built "a world-class information security capability which is tailored to support the complexities of the modern retail business; strategically emphasizing risk intelligence, data devaluation and rapid response," his LinkedIn profile boasts.

Home Depot in 2015 had hired Farshchi away from his role as CISO of Time Warner, where he had created a federated, risk-based security program, according to his LinkedIn profile. Before that, he worked as vice president of global information security for Visa and CISO of Los Alamos, among other roles.

At Equifax, Farschchi will report directly to the CEO.

"Equifax is a company with tremendous potential, and I am confident that we will transform our security program into one of the most advanced and recognized globally," he says in a statement. "I am grateful for this new challenge and am looking forward to enabling the business with new insights, a fresh perspective, and a multi-dimensional way of thinking about global data stewardship and information security."

Equifax's 2018 is off to a good information security start. Let's hope it continues.

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Enter your email address to reset your password

Already have anISMG account?

Forgot Your Password Message:

Contact Us

Already have anISMG account?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.